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DETAILED ACTION 

1 . This action is responding to application papers filed 4-9-2007. 

2. Claims 1-61 are pending. Claims 1, 31, 44, 49, 59 have been amended. 
Claims 1, 20, 31, 34, 49 are independent. 

Response to Remarks 

3 The following is in response to remarks dated 4-9-2007. 

3.1 Applicant argues, does not utilize clear text storage, (see Remarks Pages 12, 13, 
17) 

The Nonaka prior art discloses the ability to store content in an unencrypted form 
or clear text form, (see Nonaka paragraph [0192], lines 1-5; paragraph [0239], lines 1- 
3: content data may be stored in an unencrypted (clear text) form, or it may be stored in 
an encrypted form) The Nonaka prior art disclose the capability for the storage of 
content data in both encrypted and unencrypted form. 

3.2 Applicant argues, does not disclose a device key. (see Remarks Page 14) 
The Nonaka prior art discloses an apparatus for encryption functions with 

cryptographic key capabilities and a license (device) key. (see Nonaka paragraph 
[0019], lines 7-11: data processing apparatus; paragraph [0339], lines 2-6: attached 
host CPU, client, apparatus, license (device) key) Applicant remarks mentions a 
unique key but the term "unique" does not appear anywhere within the specification or 
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the original claims. There is no disclosure in the specification or the original claims that 
the device key is unique. 

3.3 Applicant argues, does not disclose tracking usage of content, (see Remarks 
Page 14) 

The Nonaka prior art discloses the capability for the usage of content data to be 
tracked. The usage of content is tracked and logged by the Nonaka prior art. 
(see Nonaka paragraph [0053], lines 23-27: track content usage) 

3.4 Applicant argues, does not disclose unlimited playback, (see Remarks Page 15) 
The Nonaka prior art discloses playback capability. There is no indication of 

placing a limitation or restriction on the playback capabilities of content data, (see 
Nonaka paragraph [0362], lines 1-2; paragraph [0477], lines 1-3: unrestricted (unlimited) 
playback capabilities) It may be unsurprising, but the unlimited playback of content 
data is disclosed. 

3.5 Applicant argues, concerning obviousness, (see Remarks Page 17) 
Applicant is reminded that the test for obviousness is not whether the features of a 

secondary reference may be bodily incorporated into the structure of the primary 
reference; nor is it that the claimed invention must be expressly suggested in any one or 
all of the references. Rather, the test is what the combined teachings of the references 
would have suggested to those of ordinary skill in the art. See In re Keller, 642 F.2d 
41 3, 208 USPQ 871 (CCPA 1 981 ). 
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Furthermore, in response to applicant's arguments against the reference 
individually, one cannot show nonobviousness by attacking references individually 
where rejections are based on combinations of references. See In re Keller, 642 F.2d 
413, 208 USPQ 871 (CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 
(Fed. Cir. 1986). 

3.6 Applicant argues, concerning content disabling (revocation), (see Remarks Page 
18) > 

The Nonaka and Chase prior art combination discloses the capability for content 
data revocation (disabling) as presented within the claimed limitation, (see Chase col. 3, 
lines 60-63: usage request; col. 4, lines 10-16; col. 33, lines 54-56; col. 33, lines 60-63; 
col. 34, lines 4-9: content compromised, content disabled, access permitted only if 
content is not disabled) The Chase prior art is in an analogous field of endeavor, which 
is the field of content data access management and its protection based on access 
rights. Any additional functions do not remove the fact that the referenced prior art 
discloses the revocation or disabling of content data. 

3.7 Applicant argues, Serret-Avila is not analogous art. (see Remarks Page 16) 
The Serret-Avila prior is in the same field of endeavor as the claimed invention. 

The Serret-Avila prior art concerns systems and methods for authenticating and 
protecting the integrity of electronic information (content data) using cryptographic 
techniques. The generation of a hash is a cryptographic technique and utilized in the 
claimed invention. Authentication is the application of access rights to electronic 
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information or content data to determine the scope of access and utilized in the claimed 
invention. 

3.8 The examiner has considered the applicant's remarks concerning a system that 
processes rights information associated with content data stored at a client device by 
the generation of an encrypted integrity hash utilizing a client device key. Applicant's 
arguments have thus been fully analyzed and considered but they are not persuasive. 

After an additional analysis of the applicant's invention, remarks, and a search of 
the available prior art, it was determined that the current set of prior art consisting of 
Nonaka (20030046238), Serret-Avila (6,959,384), and Chase (7,080,043) discloses the 
applicant's invention including disclosures in Remarks dated April 9, 2007. 

Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102(e) 
that form the basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by 
the applicant for patent, except that an international application filed under the treaty defined in 
section 351 (a) shall have the effects for purposes of this subsection of an application filed in the 
United States only if the international application designated the United States and was published 
under Article 21 (2) of such treaty in the English language. 

5. Claims 1 - 4, 6, 8, 9, 1 1 - 24, 26 - 31 , 34 - 39, 41 , 42, 44 - 52, 54, 56, 57, 59 - 61 

are rejected under 35 U.S.C. 102(e) as being anticipated by Nonaka et al. (US PGPUB 
No. 20030046238). 
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Regarding Claim 1, Nonaka discloses a method comprising: 

a) obtaining an integrity hash of rights information stored in a clear form at a client 
device, said rights information being associated with content stored at the client 
device; (see Nonaka paragraph [0019, lines 1-6; paragraph [0019], lines 7-11; 
paragraph [0027], lines 1-7: generate (i.e. obtain) integrity hash using UCP (i.e. 
rights) information; paragraph [0246], lines 1-4: storage circuit for encrypted 
content key data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, client; 
paragraph [01 92],. lines 1-5; paragraph [0239], lines 1-3: data may be stored in 
an unencrypted (clear text) form) 

b) encrypting the integrity hash using a client device key to generate an encrypted 
hash, said client device key being externally inaccessible from the client device; 
(see Nonaka (see Nonaka paragraph [0026], lines 21-25: encryption utilized UCP 
(i.e. rights) information; paragraph [0036], lines 1-4: license (i.e. device) key 
utilized; paragraph [0346], lines 5-8: inaccessible secure trusted device utilized 
for hash generation) and 

c) storing the encrypted hash on the client device, (see Nonaka paragraph [0246], 
lines 1-4: storage circuit for encrypted content key data; paragraph [0019], lines 
1-6; paragraph [0019], lines 7-11: data processing apparatus; paragraph [0339], 
lines 2-6: attached host CPU, client) 
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Regarding Claims 2, 35, 50, Nonaka discloses the method of claim 1 wherein 
obtaining the integrity hash comprises: receiving the integrity hash from a server device, 
(see Nonaka paragraph [0476], lines 1-4; paragraph [0525], lines 3-6: receive hash, 
UCP (i.e. rights) information; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: 
data processing apparatus; paragraph [0339], lines 2-6: attached host CPU, server) 

Regarding Claims 3, 36, 51, Nonaka discloses the method of claim 1 wherein 
obtaining the integrity hash comprises: generating the integrity hash on the client 
device, (see Nonaka paragraph [0027], lines 1-7: generate hash; paragraph [0019], 
lines 1-6; paragraph [0019], lines 7-11: data processing apparatus; paragraph [0339], 
lines 2-6: attached host CPU, client) 

Regarding Claims 4, 37, 52, Nonaka discloses the method of claim 3 wherein 
generating the integrity hash on the client device comprises: 

a) applying the client device key in a combination with the rights information; (see 
Nonaka paragraph [0027], lines 1-5; : license key utilized with UCP (i.e. rights 
information) for hash generation) and 

b) determining the integrity hash from the combination of the rights information and 
the client device key. (see Nonaka paragraph [0027], lines 1-7: license (i.e. 
device) key, UCP (i.e. rights information) utilized to generate (i.e. determine) 
hash) 
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Regarding Claims 6, 39, 54, Nonaka discloses the method of claim 5 wherein 
obtaining the second integrity hash comprises: receiving the second integrity hash from 
a server device (see Nonaka paragraph [0476], lines 1-4; paragraph [0525], lines 3-6: 
receive hash, UCP (i.e. rights) information; paragraph [0019], lines 1-6; paragraph 
[0019], lines 7-11: data processing apparatus; paragraph [0339], lines 2-6: attached 
host CPU, server), said server device having generated the second integrity hash using 
a server device key. (see Nonaka paragraph [0026], lines 21-25: encryption utilized; 
paragraph [0036], lines 1-4: license (i.e. device) key utilized; paragraph [0019], lines 1- 
6; paragraph [0019], lines 7-11: data processing apparatus; paragraph [0339], lines 2-6: 
attached host CPU, server) 

Regarding Claims 8, 56, Nonaka discloses the method of claim 1 further comprising: 

a) receiving, at the client device, a content key for the content; (see Nonaka 
paragraph [0026], lines 21-25: receive encryption key) 

b) encrypting the content key using the client device key to generate an encrypted 
content key; (see Nonaka paragraph [0026], lines 21-25: encryption utilized; 
paragraph [0036], lines 1-4: license (i.e. device) key utilized) and 

c) storing the encrypted content key on the client device, (see Nonaka paragraph 
[0246], lines 1-4: storage circuit for encrypted content key data; paragraph 
[0019], lines 1-6; paragraph [0019], lines 7-11: data processing apparatus; 
paragraph [0339], lines 2-6: attached host CPU, client) 
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Regarding Claims 9, 42, 57, Nonaka discloses the method of claim 1 further 
comprising: 

a) generating a validation hash from at least the rights information; (see Nonaka 
paragraph [0019, lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus (i.e. client device); paragraph [0027], lines 1-7: generate integrity (i.e. 
validation) hash) 

b) decrypting the encrypted hash to recover the integrity hash; (see Nonaka 
paragraph [0019], lines 1-6; paragraph [0021], lines 3-8: decryption of UCP (i.e. 
rights) information) and 

c) comparing the validation hash to the integrity hash to detect tampering with the 
rights information, (see Nonaka paragraph [0246], lines 4-8: comparison of hash 
values to detect tampering) 

Regarding Claim 11, Nonaka discloses the method of claim 1 further comprising: 
storing the rights information on the client device in a clear form, (see Nonaka 
paragraph [0246], lines 1-4: storage circuit for UCP (i.e. rights information), and content 
key data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus; paragraph [0339], lines 2-6: attached host CPU, client) 

Regarding Claims 12, 60, Nonaka discloses the method of claim 10 further comprising: 
reading the rights information from the client device in the clear form out to a server 
device, (see Nonaka paragraph [0476], lines 1-4; paragraph [0525], lines 3-6: transfer 
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UCP (i.e. rights) information) 

Regarding Claims 13, 28, 29, 30, 45, 61, Nonaka discloses the method of claim 1 
wherein the rights information comprise usage information, the method further 
comprising: 

a) tracking usage of the content; (see Nonaka paragraph [0053], lines 23-27: track 
content usage) 

b) updating the rights information with changes in usage; (see Nonaka paragraph 
[0476], lines 1-4; paragraph [0525], lines 3-6: transfer (i.e. update) UCP (i.e. 
rights) information) 

c) regenerating, re-encrypting, and restoring the integrity hash on the client device 
for each update of the rights information, (see Nonaka paragraph [0019, lines 1- 
6; paragraph [0019], lines 7-11: data processing apparatus (i.e. client device); 
paragraph [0027], lines 1-7: re-generate (i.e. generate a second time) integrity 
hash; paragraph [0246], lines 1-4: storage circuit for encrypted UCP (i.e. rights) 
information) 

Regarding Claim 14, Nonaka discloses the method of claim 1 wherein the integrity 
hash comprises a Hash Message Authentication Code (HMAC). (see Nonaka 
paragraph [0027], lines 1-7: generate a hash (i.e. integrity hash) value utilizing 
cryptographic (i.e. encryption/decryption key) procedures in a hash authentication 
processing system) 
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Regarding Claims 15, 46, Nonaka discloses the method of claim 1 wherein the client 
device key comprises a code embedded in hardware of the client device having no 
externally accessible data path, (see Nonaka paragraph [0036], lines 1-4: license (i.e. 
device) key utilized; paragraph [0346], lines 5-8: inaccessible secure device utilized for 
hash generation) 

Regarding Claim 16, Nonaka discloses the method of claim 1 wherein the client device 
comprises at least one of an MP3 player, a personal data assistant, and cellular phone, 
(see Nonaka paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus; paragraph [0339], lines 2-6: attached host CPU, client device such as a 
PDA, cellular phone, or MP3 player (i.e. systems containing CPU)) 

Regarding Claim 17, Nonaka discloses the method of claim 1 further comprising at 
least one of: 

a) downloading the rights information from a server device; (see Nonaka paragraph 
[0476], lines 1-4; paragraph [0525], lines 3-6: transfer (i.e. download) UCP (i.e. 
rights) information) and 

b) installing a storage medium having the rights information stored thereon, (see 
Nonaka paragraph [0537], lines 3-6: place (i.e. install) on recording medium 
containing UCP (i.e. rights) information) 
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Regarding Claim 18, Nonaka discloses the method of claim 1 wherein the rights 
information grant unlimited play for the content on the client device, (see Nonaka 
paragraph [0339], lines 2-6: playback module; paragraph [0346], lines 1-5: playback 
content data) 

Regarding Claim 19, Nonaka discloses the method of claim 3 wherein generating the 
integrity hash comprises generating the integrity hash in trusted hardware, (see Nonaka 
paragraph [0027], lines 1-7: obtain, generate integrity hash: SAM (i.e. trusted, secure 
hardware), generate hash; paragraph [0346], lines 5-8: inaccessible secure, trusted 
device) 

Regarding Claim 20, Nonaka discloses a method comprising: 

a) obtaining a first integrity hash of rights information stored at a client device, said 
rights information being associated with content stored at the client device, said 
first integrity hash having been generated using an external key as an integrity 
secret; (see Nonaka paragraph [0027], lines 1-7: generate (i.e. obtain) integrity 
hash; paragraph [0022], lines 1-5: external, session key utilized) 

b) obtaining a second integrity hash of the rights information; (see Nonaka 
paragraph [0019, lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus (i.e. client device); paragraph [0027], lines 1-7: re-generate or obtain 
(i.e. a second) integrity hash) 
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c) encrypting the second integrity hash using a client device key to generate an 
encrypted hash, said client device key being externally inaccessible from the 
client device; (see Nonaka paragraph [0026], lines 21-25: encryption utilized; 
paragraph [0036], lines 1-4: license (i.e. device) key utilized; paragraph [0346], 
lines 5-8: inaccessible secure device utilized for hash generation) 

d) storing the rights information and the first integrity hash at the client device in a 
clear form; (see Nonaka paragraph [0246], lines 1-4: storage circuit for content 
key data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, client) 
and 

e) storing the encrypted hash at the client device, (see Nonaka paragraph [0246], 
lines 1-4: storage circuit for encrypted content key data storage; paragraph 
[0019], lines 1-6; paragraph [0019], lines 7-11: data processing apparatus; 
paragraph [0339], lines 2-6: attached host CPU, client) 

Regarding Claim 21, Nonaka discloses the method of claim 20 further comprising: 

a) receiving a content key at the client device for the content; (see Nonaka 
paragraph [0026], lines 21-25: receive an encryption key at client device) 

b) encrypting the content key using the client device key to generate an encrypted 
content key; (see Nonaka paragraph [0026], lines 21-25: encryption utilized; 
paragraph [0036], lines 1-4: license (i.e. device) key utilized) and 
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c) storing the encrypted content key on the client device, (see Nonaka paragraph 
[0246], lines 1-4: storage circuit for encrypted content key data; paragraph 
[0019], lines 1-6; paragraph [0019], lines 7-11: data processing apparatus; 
paragraph [0339], lines 2-6: attached host CPU, client) 

Regarding Claim 22, Nonaka discloses the method of claim 20 wherein obtaining the 
first integrity hash comprises: 

a) receiving the external key at the client device; (see Nonaka paragraph [0026], 
lines 21-25: receive key (i.e. session key) at client device) and 

b) generating the first integrity hash at the client device using the external key. (see 
Nonaka paragraph [0027], lines 1-7: generate integrity hash value at client 
device) 

Regarding Claim 23, Nonaka discloses the method of claim 20 wherein obtaining the 
first integrity hash comprises: receiving the first integrity hash from a server device, (see 
Nonaka paragraph [0476], lines 1-4; paragraph [0525], lines 3-6: receive UCP (i.e. 
rights) information; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, server) 

Regarding Claim 24, Nonaka discloses the method of claim 20 wherein obtaining the 
second integrity hash comprises: 
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a) receiving the second integrity hash from a server device; (see Nonaka paragraph 
[0476], lines 1-4; paragraph [0525], lines 3-6: receive UCP (i.e. rights) 
information; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, server) 
and 

b) receiving a key used by the server device to generate the second integrity hash, 
(see Nonaka paragraph [0026], lines 21-25: receiving key) 

Regarding Claim 26, Nonaka discloses the method of claim 20 further comprising: 

a) reading the rights information and the first integrity hash from the client device in 
the clear form out to a server device; (see Nonaka paragraph [0476], lines 1-4; 
paragraph [0525], lines 3-6: transfer (i.e. reading) UCP (i.e. rights) information)) 

b) generating a validation hash, using the external key, of at least the rights 
information read from the client device; (see Nonaka paragraph [0027], lines 1-7: 
generate integrity hash at client device; paragraph [0022], lines 1-5: external, 
session key utilized) and 

c) comparing the validation hash to the first integrity hash to detect tampering, (see 
Nonaka paragraph [0246], lines 4-8: comparison hash values to detect 
tampering) 

Regarding Claim 27, Nonaka discloses the method of claim 20 further comprising: 
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a) generating a validation hash from at least the rights information; (see Nonaka 
paragraph [0019, lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus (i.e. client device); paragraph [0027], lines 1-7: generate integrity 
hash) 

b) decrypting the encrypted hash using the client device key to recover the second 
integrity hash; (see Nonaka paragraph [0019], lines 1-6; paragraph [0021], lines 
3-8: decryption UCP (i.e. rights) information) and 

c) comparing the validation hash to the second integrity hash to detect tampering, 
(see Nonaka paragraph [0246], lines 4-8: comparison hash values to detect 
tampering) 

Regarding Claim 31, Nonaka discloses a method comprising: 

a) generating a validation hash from at least stored clear form rights information 
associated with content stored on a client device; ((see Nonaka paragraph [0019, 
lines 1-6; paragraph [0019], lines 7-11: data processing apparatus (i.e. client 
device); paragraph [0027], lines 1-7: generate integrity hash; paragraph [0192], 
lines 1-5; paragraph [0239], lines 1-3: data may be stored in an unencrypted 
(clear text) form) 

b) decrypting an encrypted hash to recover an integrity hash using a client device 
key that is externally inaccessible from the client device, said integrity hash 
having been previously generated from at least the stored clear form rights 
information associated with the content; (see Nonaka paragraph [0019], lines 1- 
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6; paragraph [0021], lines 3-8: decryption UCP (i.e. rights) information; paragraph 
[0346], lines 5-8: inaccessible secure device utilized for hash generation; 
paragraph [0192], lines 1-5; paragraph [0239], lines 1-3: data may be stored in 
an unencrypted (clear text) form) and 
c) comparing the validation hash to the integrity hash to detect tampering with the 
rights information, (see Nonaka paragraph [0246], lines 4-8: comparison hash 
values to detect tampering) 

Regarding Claim 34, Nonaka discloses a client device comprising: 

a) a register to store a client device key, said register being externally inaccessible 
from the client device; (see Nonaka paragraph [0048], lines 1-4: register usage 
by data processing apparatus) 

b) a memory to store content and clear form rights information associated with the 
content, said memory being externally accessible; (see Nonaka paragraph 
[0246], lines 1-4: storage circuit for content key data; paragraph [0192], lines 1-5; 
paragraph [0239], lines 1-3: data may be stored in an unencrypted (clear text) 
form) 

c) hash circuitry to obtain an integrity hash of the rights information; ((see Nonaka 
paragraph [0019, lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus (i.e. client device); paragraph [0027], lines 1-7: generate (i.e. obtain) 
integrity hash) and 
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d) encryption circuitry to encrypt the integrity hash using the client device key to 
generate an encrypted hash; (see Nonaka paragraph [0026], lines 21-25: 
encryption utilized; paragraph [0036], lines 1-4: license (i.e. device) key utilized) 

e) said memory to store the encrypted hash, (see Nonaka paragraph [0246], lines 1- 
4: storage circuit for encrypted content key data; paragraph [0019], lines 1-6; 
paragraph [0019], lines 7-11: data processing apparatus; paragraph [0339], lines 
2-6: attached host CPU, client) 

Regarding Claim 38, Nonaka discloses the client device of claim 34 wherein the 
integrity hash comprises a first integrity hash, the hash circuitry further to obtain a 
second integrity hash of the rights information, said memory to store the second 
integrity hash in a clear form, (see Nonaka paragraph [0246], lines 1-4: storage circuit 
for content data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, client) 

Regarding Claim 41, Nonaka discloses the client device of claim 34 wherein 

a) the encryption circuitry is to encrypt a content key for the content using the client 
device key to generate an encrypted content key; (see Nonaka paragraph [0026], 
lines 21-25: encryption utilized; paragraph [0036], lines 1-4: license (i.e. device) 
key utilized) and 

b) the memory is to store the encrypted content key on the client device, ((see 
Nonaka paragraph [0246], lines 1-4: storage circuit (i.e. memory) for encrypted 
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content key data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data 
processing apparatus; paragraph [0339], lines 2-6: attached host CPU, client)) 

Regarding Claim 44, Nonaka discloses the method of claim 1 further comprising: 
storing the rights information on the client device in a clear form- along with an encrypted 
hash (see Nonaka paragraph [0246], lines 1-4: storage circuit for UCP (i.e. rights 
information), and content key data; paragraph [0019], lines 1-6; paragraph [0019], lines 
7-1 1 : data processing apparatus; paragraph [0339], lines 2-6: attached host CPU, client; 
paragraph [0192], lines 1-5; paragraph [0239], lines 1-3: data may be stored in an 
unencrypted (clear text) form) 

Regarding Claim 47, Nonaka discloses the client device of claim 34 further comprising 
at least one of: 

a) an input port to download the rights information from a server device; (see 
Nonaka paragraph [0019], lines 7-10: interface (i.e. bus) for UCP (i.e. rights) 
information transfer) and 

b) a storage medium port to receive a storage medium having the rights information 
stored thereon, (see Nonaka paragraph [0246], lines 1-4: storage circuit for UCP 
(i.e. rights) information) 

Regarding Claim 48, Nonaka discloses the client device of claim 47 wherein the 
memory at least partially comprises the storage medium, (see Nonaka paragraph 
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[0246], lines 1-4: storage circuit (i.e. memory) for content data) 

Regarding Claim 49, Nonaka discloses a machine readable medium having stored 
thereon machine executable instructions, the execution of which to implement a method 
comprising: 

a) receiving clea r form rights information at a client device, said rights information 
being associated with content stored on the client device, said client device 
having a client device key that is externally inaccessible from the client device; 
(see Nonaka paragraph [0476], lines 1 -4; paragraph [0525], lines 3-6: transfer 
UCP (i.e. rights) information; paragraph [0346], lines 5-8: inaccessible secure 
device utilized for hash generation; paragraph [0192], lines 1-5; paragraph 
[0239], lines 1-3: data may be stored in an unencrypted (clear text) form) 

b) storing the rights information on the client device in a clear form; (see Nonaka 
paragraph [0192], lines 1-5; paragraph [0239], lines 1-3: data may be stored in 
an unencrypted (clear text) form) 

c) obtaining an integrity hash of the rights information; (see Nonaka paragraph 
[0019, lines 1-6; paragraph [0019], lines 7-11: data processing apparatus (i.e. 
client device); paragraph [0027], lines 1-7: generate (i.e. obtain) integrity hash) 

d) encrypting the integrity hash using the client device key to generate an encrypted 
hash; (see Nonaka paragraph [0026], lines 21-25: encryption utilized; paragraph 
[0036], lines 1-4: license (i.e. device) key utilized) and 
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e) storing the encrypted hash on the client device, (see Nonaka paragraph [0246], 
lines 1-4: storage circuit for encrypted content key data; paragraph [0019], lines 
1-6; paragraph [0019], lines 7-11: data processing apparatus; paragraph [0339], 
lines 2-6: attached host CPU, client) 

Regarding Claim 59, Nonaka discloses the method of claim 49 wherein the rights 
information grants unlimited play for the content on the client device, (see Nonaka 
paragraph [0246], lines 1-4: storage circuit for UCP (i.e. rights information), and content 
key data; paragraph [0019], lines 1-6; paragraph [0019], lines 7-11: data processing 
apparatus; paragraph [0339], lines 2-6: attached host CPU, client; paragraph [0362], 
lines 1-2; paragraph [0477], lines 1-3: unrestricted (unlimited) playback) 

Claim Rejections - 35 USC § 103 



6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



7. Claims 5, 7, 25, 40, 53, 55 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Nonaka in view of Serret-Avila et al. (US Patent No. 6,959,384). 
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Regarding Claims 5, 53, Nonaka discloses the method of claim 1 wherein the integrity 
hash comprises a first integrity hash, the method further comprising: 

b) storing the second integrity hash on the client device in a clear form, (see 

Nonaka paragraph [0246], lines 1-4: storage circuit for content key data (i.e. first 
or second integrity hash); paragraph [0019], lines 1-6; paragraph [0019], lines 7- 
11: data processing apparatus; paragraph [0339], lines 2-6: attached host CPU, 
client) 

Nonaka does specifically disclose the capability to generate a second integrity hash 
using a first integrity hash. 
However, Serret-Avila discloses: 

a) obtaining a second integrity hash of the rights information; (see Serret-Avila col.4, 
lines 43-49; col. 5, lines 2-1 1 : integrity hash generation using input hash value) 
It would have been obvious to one of ordinary skill in the art to modify Nonaka as 
taught by Serret-Avila to enable the capability to generate a second integrity hash. One 
of ordinary skill in the art would have been motivated to employ the teachings of Serret- 
Avila in order to enable a relatively fast, secure, and efficient authentication of data 
streams, (see Serret-Avila col. 2, line 66 - col. 3, line 3: "... a need for systems and 
methods that overcome some or all of these limitations by providing relatively fast, 
secure, and efficient authentication of data streams and other electronic content. 
...") 
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Regarding Claims 7, 40, 55, Nonaka discloses the method of claim 5 wherein 

obtaining the first integrity hash comprises: 

Nonaka discloses wherein applying the client device key in a combination with the 
rights information and the second integrity hash, and determining the first integrity 
hash from the combination of the rights information, the second integrity hash, and 
the client device key. (see Nonaka paragraph [0026], lines 21-25: encrypt data UCP 
(i.e. rights information); paragraph [0036], lines 1-4: license key usage) Nonaka 
does specifically disclose the capability to generate a second integrity hash using a 
first integrity hash. 
However, Serret-Avila discloses: 

a) applying the client device key in a combination with the rights information and the 
second integrity hash; and (see Serret-Avila col. 4, lines 43-49; col. 5, lines 2-11: 
integrity hash generation using input hash value) 

b) determining the first integrity hash from the combination of the rights information, 
the second integrity hash, and the client device key. (see Serret-Avila col. 4, 
lines 43-49; col. 5, lines 2-11: integrity hash generation using input hash value) 

It would have been obvious to one of ordinary skill in the art to modify Nonaka 
as taught by Serret-Avila to enable the capability to generate a second integrity 
hash. One of ordinary skill in the art would have been motivated to employ the 
teachings of Serret-Avila in order to enable a relatively fast, secure, and efficient 
authentication of data streams, (see Serret-Avila col. 2, line 66 - col. 3, line 3) 
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Regarding Claim 25, Nonaka discloses the method of claim 20 wherein obtaining the 
second integrity hash comprises: generating the second integrity hash at the client 
device using the client device key as an integrity secret, (see Nonaka paragraph [0019, 
lines 1-6; paragraph [0019], lines 7-11: data processing apparatus (i.e. client device); 
paragraph [0027], lines 1-7: generate integrity hash) Nonaka does specifically disclose 
the capability to generate a second integrity hash using a first integrity hash. However, 
Serret-Avila discloses wherein generating the second integrity hash at the client device 
using the client device key as an integrity secret, (see Serret-Avila col. 4, lines 43-49; 
col.. 5, lines 2-11: integrity hash generation using input hash value) 

It would have been obvious to one of ordinary skill in the art to modify Nonaka as 
taught by Serret-Avila to enable the capability to generate a second integrity hash. One 
of ordinary skill in the art would have been motivated to employ the teachings of Serret- 
Avila in order to enable a relatively fast, secure, and efficient authentication of data 
streams, (see Serret-Avila col. 2, line 66 - col. 3, line 3) 

8. Claims 10, 32, 33, 43, 58 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Nonaka in view of Chase, Jr et al. (US Patent No. 7,080,043). 

Regarding Claims 10, 32, 43, 58, Nonaka discloses the method of claim 9. (see 
Nonaka paragraph [0246], lines 4-8: comparison of hash values to detect tampering:) 
Nonaka does not specifically disclose disabling the content on the client device. 
However, Chase discloses wherein disabling the content on the client device if 
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tampering is detected, (see Chase col. 3, lines 60-63: usage request; col. 4, lines 10-16; 
col. 33, lines 54-56; col. 33, lines 60-63; col. 34, lines 4-9: content compromised, 
content disabled, access permitted only if content is not disabled) 

It would have been obvious to one of ordinary skill in the art to modify Nonaka as 
taught by Chase to enable the capability to disable content. One of ordinary skill in the 
art would have been motivated to employ the teachings of Chase in order to efficiently 
manage the rights attached to digital data such as the capability to revoke content if 
compromised, and add or remove a particular right, (see Chase col. 2, lines 47-51 : "... 
a need exists for a method and mechanism that allows a content owner to revoke all 
rights of a user to render a piece of content, such as for example if the content owner 
learns that security with respect to such content has been breached. More generally, a 
need exists for a method and mechanism that allows a content owner to modify a 
license of the user to update rights of the user to render a piece of content, such as for 
example to extend an expiration date, adjust a play count, add or remove a particular 
right, etc. ...") 

Regarding Claim 33, Nonaka discloses the method of claim 31 further comprising: 
wherein to initiate generation of the validation hash and comparison to the integrity 
hash, (see Nonaka paragraph [0027], lines 1-7: generation of validation hash; 
paragraph [0246], lines 4-8: comparison hash values to detect tampering). Nonaka 
does not specifically disclose the capability to disable content. 
However, Chase discloses: 
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a) receiving a usage request for the content stored at the client device, said usage 
request; (see Chase col. 3, lines 60-63: usage request; col. 4, lines 10-16; col. 
33, lines 54-56; col. 33, lines 60-63; col. 34, lines 4-9: content compromised, 
content disabled, access permitted only if content is not disabled) and 

b) permitting usage only if the content is not disabled, (see Chase col. 4, lines 10- 
16; col. 33, lines 54-56; col. 33, lines 60-63; col. 34, lines 4-9: content 
compromised, content disabled, access permitted only if content is not disabled) 

It would have been obvious to one of ordinary skill in the art to modify Nonaka 
as taught by Chase to enable the capability to disable content. One of ordinary skill 
in the art would have been motivated to employ the teachings of Chase in order to 
efficiently manage the rights attached to digital data such as the capability to revoke 
content if compromised, and add or remove a particular right, (see Chase col. 2, 
lines 47-51) 

Conclusion 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
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TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Carlton Johnson whose telephone number is 571-270- 
1032. The examiner can normally be reached Monday through Friday from 8:00AM to 
5:00PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Nassar Moazzami, can be reached on 571-272-4195. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published 
applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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